[jboss-dev-forums] [JBoss AS 7 Development] - Access control notes
Brian Stansberry
do-not-reply at jboss.com
Wed Apr 24 18:31:34 EDT 2013
Brian Stansberry [https://community.jboss.org/people/brian.stansberry] commented on the document
"Access control notes"
To view all comments on this document, visit: https://community.jboss.org/docs/DOC-48596#comment-11948
--------------------------------------------------
> Anil Saldhana wrote:
>
>
>
> > Heiko Braun wrote:
> >
> >
> > talking to darran: it seems the secuirty subsystem is only used for application level security and clearly separated from the adminstrative secuirty. Can sombody confirm this?
> >
> Ideally it should be the location of all security configuration. I do encourage moving the configuration to the security subsystem.
>
For a standalone server, the security-subsystem leaks out to management security via this:
https://github.com/wildfly/wildfly/blob/master/build/src/main/resources/docs/schema/jboss-as-config_2_0.xsd#L513 https://github.com/wildfly/wildfly/blob/master/build/src/main/resources/docs/schema/jboss-as-config_2_0.xsd#L513
Basically, the management security realm can delegate to a JAAS security domain configured in the subystem.
To consolidate all security configuration in the security "subsystem" requires adding some sort of extension/subsystem notion to the Host Controller. But that's too big a change to make for EAP 6.2.
--------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20130424/b4b135bd/attachment.html
More information about the jboss-dev-forums
mailing list